DHCP Superscope

A superscope is a collection of individual scopes that can bemanaged as a single administrative unit. That’s what the booksays, so it must make sense, right? Well if that doesn’t makemuch sense to you

A superscope is actually a collection of individual scopes. Whenyou group different scopes together into a single superscope, youcan do the following:

Place DHCP clients from multiple network IDs on the samephysical segmentAllow remote DCHP clients from multiple network IDs toobtain an address from a DHCP ServerPlace multiple DHCP Servers on the same physical segment,with each DCHP Server being responsible for a differentscope.

The superscope will allow the DHCP Server to answer requests fromDHCP clients from different network IDs. Now, you might ask,can’t you just create multiple scopes on a DHCP Server and theneverything will be cool? Let’s see what happens.

Multiple Scopes on a Single DHCP Server

Imagine that you have configured a DHCP Server with two scopesserving the entire address range for the following network IDs:

192.168.1.0/24192.168.2.0/24

The DHCP Server has a single network interface, and its IPaddress is 192.168.1.5. You want the DHCP Server to answerrequests from clients on its locally attached network192.168.1.0/24, and from the remote network, 192.168.2.0/24. Theremote DHCPRequest messages are forwarded through BOOTP Relay.What will happen when a request from a client on the192.168.2.0/24 makes a request to this DHCP Server?

The request is forwarded through the BOOTP Relay to the DHCPServer. The DHCP Server checks the giaddr field in theDHCPRequest or Discover message to see what network ID therequest is coming from. The DHCP Server compares this informationwith the network ID assigned to its local interface. If thenetwork ID in the request and the network ID of the DHCP Server’sinterface is the same, the DHCP Server will check to see if ithas a scope that can service the request. If it does have ascope, it continues the DHCP negotiation.

However, if the request from a network ID that is different fromthat of the DHCP Server, the DHCP Server will see if it has asuperscope that includes an address pool that can service thatnetwork ID. If it does not have such a superscope, then it willsend a NACK packet, and the DHCP client must start all overagain.

How about adding multiple IP addresses to the DHCP Server’sInterface? In this way, the DHCP Server would be able to comparethe source network ID with the addresses on its interface, andsee that the source was on the name network ID as the DHCPServer. Now it wouldn’t need to look for a superscope.

This will not work! It will not work because when you bindmultiple IP address to a single adapter on the DHCP Server, theDHCP Server service will only use the primary IP address to makeits assessments. It will not use any of the secondary IPaddresses bound to the adapter.

A solution to this problem could be to include a second NIC onthe DHCP Server and assign it a primary address on the192.168.2.0/24 network ID. However, using a superscope is a loteasier and a lot cheaper than adding new hardware.

ConclusionIf you didn’t know about the utility of superscopes, you do now.You now know that putting multiple scopes on a single DHCP Serverand letting ‘er rip won’t do the job, and so you have to considerthe network IDs of the clients that need to access the DHCPServer, and the IP addresses and network interfaces on the DHCPServer.

Superscopes allow you to not add extra network interfaces to yourDHCP and still be able to service DHCP clients from multiplenetwork IDs. They also allow you to place multiple DHCP Serverson a single physical segment and prevent clients from obtainingIP addresses on a different network ID as well as reducing thenumber of NACKS send by the DHCP Server. This will help reducethe number of NACK entries in your Event Log as well.